Systems Staff Meeting Notes
May 28, 2002

Major security problem on Friday. Domain sign-on was in use and the person it belonged to was not in. Permission problems developed  several log-ons occurred under that user id.

Bills name has been submitted to be the Library Security Manager. Police background check is required.

We will be losing Digital Design  they are disbanding. They will be turned over to outside contractors. Their employees are not passing the security checks.

Screen savers should be set to lock up the machine within three minutes.

Be careful when debugging  log off when working on another users machine. The best practice is to have two separate sign-ons: one secure, one general. We will not push for this yet, although it may be the next requirement that comes through. The main advantage to the two sign-ons is that if something takes over the machine (like a virus), it will take over the privileges/permissions allowed by the sign-on.

Mail  create new ID for Domain Admin & leave current as the regular address.

Password security  with the requirement of 12 characters, ours is probably the most secure on campus.

In the security breach on Friday, the intruder used a phony workstation ID  9999  and was deleting files in the department and running a business on the side with our equipment.

Internal security  changing directory permissions. Permission structure is complicated  we need to think before changing it. No student or pert-time employee permissions will be given out.

Notify Bill of all instances of low-level entries. Lapses in security  correct them, then notify Bill  he has to account for all.

Public boxes  profile desktop  caught in one hour  write permissions were opened up  this is especially sensitive - had to pull old profiles  WUSER after Domain Admin security breach. Domain Admins are like having a master key